The banking world is usually a pretty cutthroat place, but the shared issue of cyber security has prompted eight major US banks to form a new alliance. J.P. Morgan, Goldman Sachs and Bank of America are among the banks that will form the new information sharing group within the existing Financial Services Information Sharing and Analysis Center, and also prepare incident responses and simulate cyber attacks on the sector. Fortune has reported that in 2016, for the second year in a row, 77% of bank executives in the US told the Banks Directors Risk Practices Survey that cybersecurity was their top concern. This has prompted some major spending on the issue, with J.P. Morgan spending US$500 million on cybersecurity in 2015.

In Australia, the ASX’s submission to a Productivity Commission inquiry into data availability and use (PDF) has noted that cyber security costs continue to increase for Australian businesses as online threats continue to grow. The ASX notes that financial market institutions and infrastructure are at the ‘forefront’ of cybersecurity challenges given the nature of personal and financial information they hold. It says investment in cyber security is critical to ensure confidence in financial markets. The ASX is working with stakeholders to develop cyber security health checks, announced as part of the new Australian Cyber Security Strategy in April. An ASX spokesperson told The Australian that ‘the aim is to share best practice and raise awareness across the ASX100’.

The Productivity Commission inquiry is investigating the benefits and costs of greater availability and costs of public and private data sets, options for collection, sharing and release of data and how to preserve individual privacy and control of data. Other major Australian companies that have made submissions to the Productivity Commission include the Commonwealth Bank, Telstra, and Australia Post, as well as government agencies including AUSTRAC.

#censusfail had just happened when Cyber Wrap was written last week, and while officials had blamed overseas hackers, it was still unclear exactly what had caused the census website to be taken offline. In the week since it has emerged that there was a bit more to it. Cyber security journalist Patrick Gray has listed on his site Risky.Biz the many contributing factors including the ABS and IBM’s refusal to purchase DDOS protection, their reliance on geo-blocking to defend the census from denial of service incidents, firewall errors, and false positive alerts about data exfiltration that caused the ABS to suspend the website. Gray characterises censusfail as ‘amateur hour’, and the PM probably agrees, accusing IBM of failing to take appropriate measures to protect the Census. Perhaps ASD’s new program to recruit high school students will make the next census a success.